Configure the Content Gateway policy engine

Before you begin

When Content Gateway is registered with Forcepoint DLP, the Data > System Modules page in Forcepoint Security Manager includes a Content Gateway module.

By default, this agent is configured to monitor web traffic, not block it, and for a default violation message to appear when an incident is triggered. If this is acceptable, you do not need to make changes to the Content Gateway configuration. Simply deploy the new settings.

If you want to block web traffic that breaches policy and customize the violation message, do the following:

Steps

  1. In the Security Manager, go to the Data > Settings > Deployment > System Modules page.
  2. Select the Content Gateway module in the tree view (click the module name itself, not the plus sign next to it).

    It will be listed as Forcepoint Content Gateway server on <FQDN> (<PE_version>), where <FQDN> is the fully-qualified domain name of the Content Gateway machine and <PE_version> is the version of the Content Gateway policy engine.

  3. Select the HTTP/HTTPS tab and configure the blocking behavior you want. Select Help > Explain This Page for instructions for each option.
  4. Select the FTP tab and configure the blocking behavior you want. Select Help > Explain This Page for instructions for each option.
  5. Click Save to save your changes.
  6. Click Deploy to deploy your settings.
    Important: Even if you do not change the default configuration, you must click Deploy to finalize your Content Gateway deployment process.